commit a6144ec5c006938e0be0fb1540b594b70a278056
parent 60592eb8d4206543acca3c487adc3f5525e11d79
Author: Leah (ctucx) <git@ctu.cx>
Date: Fri, 12 May 2023 15:34:31 +0200
parent 60592eb8d4206543acca3c487adc3f5525e11d79
Author: Leah (ctucx) <git@ctu.cx>
Date: Fri, 12 May 2023 15:34:31 +0200
machines/lollo/websites/wifionic.de -> machines/briefkasten/websites/wifionic.de
4 files changed, 69 insertions(+), 72 deletions(-)
A
|
68
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
D
|
70
----------------------------------------------------------------------
diff --git a/machines/briefkasten/websites/default.nix b/machines/briefkasten/websites/default.nix @@ -5,6 +5,7 @@ imports = [ ./music.home.ctu.cx.nix ./flauschehorn.sexy.nix + ./wifionic.de.nix ]; }
diff --git a/machines/briefkasten/websites/wifionic.de.nix b/machines/briefkasten/websites/wifionic.de.nix @@ -0,0 +1,68 @@ +{ config, pkgs, lib, ... }: + +let + version = "262"; + +in { + + dns.zones."wifionic.de" = lib.mkIf config.networking.usePBBUplink (pkgs.dns.lib.combinators.host config.networking.primaryIP4 config.networking.primaryIP); + + systemd.services.check-o2tiles = { + onFailure = [ "email-notify@%i.service" ]; + startAt = "*-*-* 3:00:00"; + after = [ "network-online.target" ]; + path = [ pkgs.curl ]; + script = '' + curl --fail "https://dccb7552-tiles.spatialbuzz.net/tiles/o2_de-v${version}/styles/o2_de_v${version}_4g/15/17303/10472.png" 1> /dev/null; + ''; + serviceConfig = { + Type = "oneshot"; + + DynamicUser = true; + + NoNewPrivileges = true; + PrivateTmp = true; + PrivateDevices = true; + + RestrictAddressFamilies = "AF_INET AF_INET6"; + RestrictNamespaces = true; + RestrictRealtime = true; + + ProtectSystem = "full"; + ProtectControlGroups = true; + ProtectKernelModules = true; + ProtectKernelTunables = true; + + DevicePolicy = "closed"; + LockPersonality = true; + }; + }; + + + services.nginx = { + enable = true; + virtualHosts."wifionic.de" = { + enableACME = lib.mkIf config.networking.usePBBUplink true; + forceSSL = lib.mkIf config.networking.usePBBUplink true; + kTLS = lib.mkIf config.networking.usePBBUplink true; + locations = { + "/".root = pkgs.mobile-coverage-map; + + "/vodafone-map" = { + proxyPass = "https://netmap.vodafone.de/arcgis/rest/services/CoKart/netzabdeckung_mobilfunk_4x"; + extraConfig = "proxy_set_header Accept-Encoding '';"; + }; + + "/magenta-at-map" = { + proxyPass = "https://app.wigeogis.com/kunden/tmobile/data/geoserver.php"; + extraConfig = '' + proxy_set_header Accept-Encoding ""; + proxy_set_header Host "app.wigeogis.com"; + ''; + }; + + }; + }; + }; + +}
diff --git a/machines/lollo/websites/default.nix b/machines/lollo/websites/default.nix @@ -8,8 +8,6 @@ # ./storage.home.ctu.cx ./photos.ctu.cx.nix - ./wifionic.de.nix - ./oeffisear.ch.nix ];
diff --git a/machines/lollo/websites/wifionic.de.nix b/machines/lollo/websites/wifionic.de.nix @@ -1,70 +0,0 @@ -{ config, pkgs, lib, ... }: - -let - version = "262"; - -in { - - dns.zones."wifionic.de" = lib.mkIf config.networking.usePBBUplink (pkgs.dns.lib.combinators.host "195.39.246.42" "2a0f:4ac0:acab::42"); - - systemd = { - services.check-o2tiles = { - onFailure = [ "email-notify@%i.service" ]; - startAt = "*-*-* 3:00:00"; - after = [ "network-online.target" ]; - path = [ pkgs.curl ]; - script = '' - curl --fail "https://dccb7552-tiles.spatialbuzz.net/tiles/o2_de-v${version}/styles/o2_de_v${version}_4g/15/17303/10472.png" 1> /dev/null; - ''; - serviceConfig = { - Type = "oneshot"; - - DynamicUser = true; - - NoNewPrivileges = true; - PrivateTmp = true; - PrivateDevices = true; - - RestrictAddressFamilies = "AF_INET AF_INET6"; - RestrictNamespaces = true; - RestrictRealtime = true; - - ProtectSystem = "full"; - ProtectControlGroups = true; - ProtectKernelModules = true; - ProtectKernelTunables = true; - - DevicePolicy = "closed"; - LockPersonality = true; - }; - }; - }; - - - services.nginx = { - enable = true; - virtualHosts."wifionic.de" = { - enableACME = lib.mkIf config.networking.usePBBUplink true; - forceSSL = lib.mkIf config.networking.usePBBUplink true; - kTLS = lib.mkIf config.networking.usePBBUplink true; - locations = { - "/".root = pkgs.mobile-coverage-map; - - "/vodafone-map" = { - proxyPass = "https://netmap.vodafone.de/arcgis/rest/services/CoKart/netzabdeckung_mobilfunk_4x"; - extraConfig = "proxy_set_header Accept-Encoding '';"; - }; - - "/magenta-at-map" = { - proxyPass = "https://app.wigeogis.com/kunden/tmobile/data/geoserver.php"; - extraConfig = '' - proxy_set_header Accept-Encoding ""; - proxy_set_header Host "app.wigeogis.com"; - ''; - }; - - }; - }; - }; - -}